| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <518c6ce4-1e6e-ef8d-ba55-fb35a828b874@intel.com>
Date: Thu, 4 Feb 2021 16:10:13 -0800
From: "Yu, Yu-cheng" <yu-cheng.yu@...el.com>
To: Kees Cook <keescook@...omium.org>
Cc: x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
linux-doc@...r.kernel.org, linux-mm@...ck.org,
linux-arch@...r.kernel.org, linux-api@...r.kernel.org,
Arnd Bergmann <arnd@...db.de>,
Andy Lutomirski <luto@...nel.org>,
Balbir Singh <bsingharora@...il.com>,
Borislav Petkov <bp@...en8.de>,
Cyrill Gorcunov <gorcunov@...il.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Eugene Syromiatnikov <esyr@...hat.com>,
Florian Weimer <fweimer@...hat.com>,
"H.J. Lu" <hjl.tools@...il.com>, Jann Horn <jannh@...gle.com>,
Jonathan Corbet <corbet@....net>,
Mike Kravetz <mike.kravetz@...cle.com>,
Nadav Amit <nadav.amit@...il.com>,
Oleg Nesterov <oleg@...hat.com>, Pavel Machek <pavel@....cz>,
Peter Zijlstra <peterz@...radead.org>,
Randy Dunlap <rdunlap@...radead.org>,
"Ravi V. Shankar" <ravi.v.shankar@...el.com>,
Vedvyas Shanbhogue <vedvyas.shanbhogue@...el.com>,
Dave Martin <Dave.Martin@....com>,
Weijiang Yang <weijiang.yang@...el.com>,
Pengfei Xu <pengfei.xu@...el.com>,
Michael Kerrisk <mtk.manpages@...il.com>
Subject: Re: [PATCH v19 06/25] x86/cet: Add control-protection fault handler
On 2/4/2021 12:09 PM, Kees Cook wrote:
> On Wed, Feb 03, 2021 at 02:55:28PM -0800, Yu-cheng Yu wrote:
[...]
>> diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
>> index 7f5aec758f0e..f5354c35df32 100644
>> --- a/arch/x86/kernel/traps.c
>> +++ b/arch/x86/kernel/traps.c
>> @@ -606,6 +606,66 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection)
>> cond_local_irq_disable(regs);
>> }
>>
>> +#ifdef CONFIG_X86_CET
>> +static const char * const control_protection_err[] = {
>> + "unknown",
>> + "near-ret",
>> + "far-ret/iret",
>> + "endbranch",
>> + "rstorssp",
>> + "setssbsy",
>> +};
>> +
>> +/*
>> + * When a control protection exception occurs, send a signal to the responsible
>> + * application. Currently, control protection is only enabled for user mode.
>> + * This exception should not come from kernel mode.
>> + */
>> +DEFINE_IDTENTRY_ERRORCODE(exc_control_protection)
>> +{
>> + static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
>> + DEFAULT_RATELIMIT_BURST);
>> + struct task_struct *tsk;
>> +
>> + if (!user_mode(regs)) {
>> + pr_emerg("PANIC: unexpected kernel control protection fault\n");
>> + die("kernel control protection fault", regs, error_code);
>> + panic("Machine halted.");
>> + }
>> +
>> + cond_local_irq_enable(regs);
>> +
>> + if (!boot_cpu_has(X86_FEATURE_CET))
>> + WARN_ONCE(1, "Control protection fault with CET support disabled\n");
>> +
>> + tsk = current;
>> + tsk->thread.error_code = error_code;
>> + tsk->thread.trap_nr = X86_TRAP_CP;
>> +
>> + if (show_unhandled_signals && unhandled_signal(tsk, SIGSEGV) &&
>> + __ratelimit(&rs)) {
>> + unsigned int max_err;
>> + unsigned long ssp;
>> +
>> + max_err = ARRAY_SIZE(control_protection_err) - 1;
>> + if (error_code < 0 || error_code > max_err)
>> + error_code = 0;
>
> Do you want to mask the error_code here before printing its value?
>
>> +
>> + rdmsrl(MSR_IA32_PL3_SSP, ssp);
>> + pr_emerg("%s[%d] control protection ip:%lx sp:%lx ssp:%lx error:%lx(%s)",
>> + tsk->comm, task_pid_nr(tsk),
>> + regs->ip, regs->sp, ssp, error_code,
>> + control_protection_err[error_code]);
>
> Instead, you could clamp error_code to ARRAY_SIZE(control_protection_err),
> and add another "unknown" to the end of the strings:
>
> control_protection_err[
> array_index_nospec(error_code,
> ARRAY_SIZE(control_protection_err))]
>
> Everything else looks good.
>
I will update it. Thanks!
[...]
Powered by blists - more mailing lists